-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 20 Feb 2013 20:56:31 +0900 Source: ruby-rack Binary: ruby-rack librack-ruby1.9.1 librack-ruby1.8 librack-ruby Architecture: source all Version: 1.4.1-2.1 Distribution: unstable Urgency: high Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintain...@lists.alioth.debian.org> Changed-By: KURASHIKI Satoru <lur...@gmail.com> Description: librack-ruby - Transitional package for ruby-rack librack-ruby1.8 - Transitional package for ruby-rack librack-ruby1.9.1 - Transitional package for ruby-rack ruby-rack - Modular Ruby webserver interface Closes: 698440 700173 Changes: ruby-rack (1.4.1-2.1) unstable; urgency=high . [ KURASHIKI Satoru ] * Non-maintainer upload. * Create cherry-picked patches for Security Fix (Closes: #700173 #700226). - CVE-2013-0262: 0004-Prevent-symlink-path-traversals.patch - CVE-2013-0263: 0005-Use-secure_compare-for-hmac-comparison.patch . [ Youhei SASAKI ] * Create cherry-picked patches for Security Fix (Closes: #698440). - CVE-2012-6109: 0001-Fix-parsing-performance-for-unquoted-filenames.patch - CVE-2013-0183: 0002-multipart-parser-avoid-unbounded-gets-method.patch - CVE-2013-0184: 0003-Reimplement-auth-scheme-fix.patch Checksums-Sha1: 9a3d309ba4a5e28c4704bdfe4b9ef3f0c59683ac 2296 ruby-rack_1.4.1-2.1.dsc 6af3e111e057eb2bce94f84c0a1ba178f2554a46 10188 ruby-rack_1.4.1-2.1.debian.tar.gz 792c22ac4c9749809bd6ef9898ae067c50e78081 82104 ruby-rack_1.4.1-2.1_all.deb 0dd02e0fff3e0272c99fc54d9e71f6a7289e08f5 4062 librack-ruby1.9.1_1.4.1-2.1_all.deb e4db038dfa727071b9164bde1683271a2af9d685 4062 librack-ruby1.8_1.4.1-2.1_all.deb 4551ba38658cd22f2ea6477e6ebe48c19445a9c8 4054 librack-ruby_1.4.1-2.1_all.deb Checksums-Sha256: 5a862fc25cd10be8e1a6a995e9b3026b8b4c179f96f71fb0d82685adc0fd1d27 2296 ruby-rack_1.4.1-2.1.dsc bde86e2666452bab7366eb9795975d51c559bc53791fefedbcfd53c55777d4cd 10188 ruby-rack_1.4.1-2.1.debian.tar.gz cea57d69381165645821e448805bab849116debc7ebd4d311dcb29ca8218995c 82104 ruby-rack_1.4.1-2.1_all.deb 93c466d51d6a045a178e7a943ee7a1a2911b315bb9a152e3d64cdf0a4a738521 4062 librack-ruby1.9.1_1.4.1-2.1_all.deb 68634886631f95701cac203a844d66778504dbf487fba894b44132dc09e395e4 4062 librack-ruby1.8_1.4.1-2.1_all.deb 8ba9cbc2c956f13cd0ddb990bc730d674fa6c011415e081601c91e046c06d6a9 4054 librack-ruby_1.4.1-2.1_all.deb Files: 5a8aec59ccabd8a6c1a46e48dc809a95 2296 ruby optional ruby-rack_1.4.1-2.1.dsc 0504150d496de77471904eb97f398dec 10188 ruby optional ruby-rack_1.4.1-2.1.debian.tar.gz e51a35b0965eefc77a76a99e757cafab 82104 ruby optional ruby-rack_1.4.1-2.1_all.deb c1ed80cb81d4860df8f25ef4ef5fbcbd 4062 oldlibs extra librack-ruby1.9.1_1.4.1-2.1_all.deb 5c2f366fb42573ecd4c5da8aede17c02 4062 oldlibs extra librack-ruby1.8_1.4.1-2.1_all.deb e926fa8545dad99397b6a90ac96d4f60 4054 oldlibs extra librack-ruby_1.4.1-2.1_all.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRLb3wAAoJEDIkf7tArR+mlmQP/35GAzLhoWXOzzxIL5qO/XRq vUSLSq2Qm9+OBED3hpzxTLsGRwjwsSPov9Scefn5g/qy6c9xEAbfXqBSwo7zzvfv sH6DeCPcBuRNxO7Ynx+zrnGDmOmWmIJBKWvsPsAIp6KF7eWfgxKmiWhjce0OETgw YNbgfDrskargQIwWq8u4TPv0A2oS7dE3sQbxKP6Ecp3PP+mQOl9oziu99b8iaU1a 4LlTohjMaB8MjgXKm6exuBpb+GDUvt8q/W9S3d9a9qQf0DyDX3yZwPuZhjirdw2a yhFtr+h73HTGybhGmslFjGoAdKdu0Sj+6XaFM3/bEjPvIIa/H3VGzU61D2msrFnN YuVq2Ta2HTVIjuD8h/AGMKUXB3Q9qz0O8sYOx1T9HgkehewlVGc4h7CJjaooc609 7iN7B6grHf5U6MAXL5708jqNQNSa1uTL9WJM7SPvAxBPmtPnnrdnofigNqCx3niG k5Gze8H2QrHGle3Ri25nQcA4PNPJug5d+Q/P5ZnT1KWFgDY6AKYr0cyWYCavQrUL vRdPZnMi3w8fGL2ILEwy/kQmqo7gEoHtIwMg7SQDrgA0+2uoShxkvLL1FUVuujWA n1A0SLi0eDaTI0M+gQ7iwcJXWfHsY64xFEGUHcvMGfPft/atBbblyEDrvkUopM2C Nc6RYYRb8+Qrn/lJO4yE =gjB6 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1uacfj-0002n6...@franck.debian.org